Description
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.